SonicWall Fixes Critical Firewall Security Flaw

SonicWall has patched a critical vulnerability in its firewall service that could allow criminals to gain access to the underlying device.

The company issued a patch and a follow-up advisory, explaining that it had discovered and fixed an improper access control bug. The flaw is tracked as CVE-2024-40766 and has a severity rating of 9.3, making it critical.

The advisory states: “An access control vulnerability has been identified in the SonicWall SonicOS administrative access that could potentially lead to unauthorized access to resources and, in certain circumstances, a firewall crash.”

Patches and workarounds

The company further explained that SonicWall Firewall Gen 5 and Gen 6 devices are affected by this bug. Gen 7 devices are also vulnerable, but only those running SonicOS 7.0.1-5035 and earlier.

To protect the endpoints from potential intrusions, users should update their firewalls to the following versions:

SOHO (Gen 5 Firewalls) – 5.9.2.14-13o
Gen 6 Firewalls – 6.5.2.8-2n (for SM9800, NSsp 12400, and NSsp 12800) and 6.5.4.15.116n (for other Gen 6 Firewall devices)

The company said that devices running a SonicOS firmware version higher than 7.9.1-5035 should be safe, as the bug cannot be reproduced there. However, installing the latest firmware is recommended.

Those who are unable to install the patch should apply the workaround, which consists of restricting firewall management access to only those people they trust. Alternatively, they can disable firewall WAN management access from all internet sources.
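As an added example (not code from SonicWall or from the original article), the following Python sketch triages a firewall inventory against the fixed versions listed above and the Gen 7 "7.0.1-5035 and earlier" statement. The inventory entries are constructed, and inferring the hardware generation from the SonicOS major version number is an assumption.

```python
import re

# Thresholds copied verbatim from the article.
FIXED_GEN5 = "5.9.2.14-13o"
FIXED_GEN6_HIGH_END = "6.5.2.8-2n"    # SM9800, NSsp 12400, NSsp 12800
FIXED_GEN6_OTHER = "6.5.4.15.116n"    # all other Gen 6 devices
LAST_AFFECTED_GEN7 = "7.0.1-5035"     # this build and earlier are affected
GEN6_HIGH_END = {"SM9800", "NSSP 12400", "NSSP 12800"}

def parse_version(text):
    """Return the numeric fields of a SonicOS build string as a tuple.
    '.' and '-' are treated alike; the trailing letter suffix is ignored."""
    fields = re.findall(r"\d+", text)
    if not fields:
        raise ValueError(f"unparseable firmware version: {text!r}")
    return tuple(int(f) for f in fields)

def needs_update(model, version):
    """True if the device is below the fixed build for its generation.
    Assumption: the generation equals the SonicOS major version number."""
    v = parse_version(version)
    if v[0] == 5:
        return v < parse_version(FIXED_GEN5)
    if v[0] == 6:
        high_end = model.strip().upper() in GEN6_HIGH_END
        fixed = FIXED_GEN6_HIGH_END if high_end else FIXED_GEN6_OTHER
        return v < parse_version(fixed)
    if v[0] == 7:
        return v <= parse_version(LAST_AFFECTED_GEN7)
    raise ValueError(f"unsupported SonicOS major version: {version!r}")

# Constructed inventory: (hostname, model, firmware). Not real devices.
INVENTORY = [
    ("fw-branch-01", "SOHO", "5.9.1.13-5o"),
    ("fw-dc-01", "NSsp 12400", "6.5.2.8-2n"),
    ("fw-office-02", "NSa 2650", "6.5.4.14-109n"),
    ("fw-edge-03", "TZ 370", "7.0.1-5035"),
    ("fw-edge-04", "TZ 470", "7.0.1-5161"),
]

def triage(inventory):
    """Return hostnames that still need the firmware update."""
    return [host for host, model, fw in inventory if needs_update(model, fw)]

if __name__ == "__main__":
    for host in triage(INVENTORY):
        print(f"{host}: update required")
```

Devices the script flags that cannot be patched immediately are the ones to prioritise for the management-access workaround.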

So far, there have been no reports of exploits in the wild. But if history is any teacher, now that the patch has been released and the bug is known, it’s only a matter of time before criminals start scanning the internet for vulnerable endpoints. Previously, SonicWall’s solutions were targeted by Chinese state-sponsored hackers, who created a piece of malware that could even survive firmware updates.

Via The Hacker News
